Linux Logging - User Login Attempts

Hello,
Over the last several days, I have had a hacker breach security on a linux box and use it as a mail relay. I found out how he did it, the news account was left open for all to see. What I was wanting to know is this:

Does linux log all login attempts? Where?

When it logs these attempts, does it log the IP address that the attempt was coming from? Where?

Syslog logs all login access, successful and failed attempts in the /var/log/message* files. Failed sessions show the username tried and the reason for failure. Since the syslog data goes back further in time, it's a better way of lookin at access, but it won't give you the remote IP.

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Thanks to all who helped in this question, I'm awarding the points to jlevie because he had the most useful information, but I wish to accredit all of you who participated, as you have each helped in your own way. Thanks!

I am a long time windows user and for me it is normal to have spaces in directory and file names. Changing to Linux I found myself frustrated when I moved my windows data over to my new Linux computer.
The problem occurs when at the command line.…

Learn how to navigate the file tree with the shell.
Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…